Open pengyu opened 9 years ago
jedbrown
commented
9 years ago This is a filesystem issue, not a git-fat issue. (From a security perspective, it doesn't matter whether git-fat has an interface, it matters whether the underlying protocol and permissions system supports that operation.) If you would like to prevent other people from deleting your files, you can set the sticky bit. I don't want git-fat to need a custom server (too complicated and more surface area to secure).
pengyu
commented
9 years ago Would it be better to somehow allow something like pull request so that each one has its own fat-store repository? If everyone relies on a central fat-store repository, this sounds like not consistent with git's decentralization philosophy. Since git-fat is closely related with git, it is better to make it consistent with git in this aspect.
jedbrown
commented
9 years ago This is a separate issue and the reason I want git-fat to have named remotes. We have discussed it a few times.
pengyu
commented
9 years ago OK. When do you think the named remote feature will be added?
jedbrown
commented
9 years ago I can't promise a date, but see PR #28 for recent discussion.
How secure is it to use git-fat with other people to manage the repository. In particular, it seems that everybody should have write access to the some fat-store directory. So anyone is able to delete something from fat-store? Is there something like pull request that allows each person has it own fat-store directory, yet allow pulling changes from others' fat-store directories?